Overview

overview

4

Static

static

c71e5ac25d...0e.exe

windows7-x64

4

c71e5ac25d...0e.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    61s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2022, 19:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c71e5ac25dcad4decf86a77d7b7fc906d31ce660cdccf83159da46479758550e.exe

  • Size

    96KB

  • MD5

    1bf63f13c266c721d831a4ba8bba63a1

  • SHA1

    745e2914f1fb9f11341c66b448f2fe4bde130ae2

  • SHA256

    c71e5ac25dcad4decf86a77d7b7fc906d31ce660cdccf83159da46479758550e

  • SHA512

    daa0a91aeef35e672b050274256166ddb719c3d284d95a564ff23cb7373d9ff31cb19da905705413e108273f2fb5c3bf0f2927d4e4c9989f0938b9534e8a74ba

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUo2bxPpBT:5m8nBjTmbxRBRN6WYiKqVo6Z3bxRBT

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:776
      • C:\Users\Admin\AppData\Local\Temp\c71e5ac25dcad4decf86a77d7b7fc906d31ce660cdccf83159da46479758550e.exe
        "C:\Users\Admin\AppData\Local\Temp\c71e5ac25dcad4decf86a77d7b7fc906d31ce660cdccf83159da46479758550e.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:3284

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads